On Tue, Nov 10, 2009 at 10:25 PM, Duboucher Thomas <tho...@duboucher.eu> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Bean a écrit : >> Hi, >> >> Oh, I just come up with a better way to do this: >> >> typedef char grub_password_t[1024]; >> >> int >> grub_auth_strcmp (const grub_password_t s1, const grub_password_t s2) >> { >> char r1 = 0; >> char r2 = 0; >> char *p; >> int i, c; >> >> p = &r1; >> c = 0; >> for (i = 0; i < sizeof (grub_password_t); i++, s1++, s2++) >> { >> *p | = (*s1 ^ *s2); >> if ((int) *s1 == c) >> { >> p = &r2; >> c = 0x100; >> } >> } >> >> return (r1 != 0); >> } >> >> The condition (int) *s1 == c would be true exactly once. >> > > Well, it seems I lost something somewhere. I don't understand the need > of doing it exactly sizeof (grub_password_t) times, except from having a > perfectly symetric function. IMHO, stopping the comparison when the > input buffer is done reading, or when the maximum size of a passphrase > is reached does not leak any information to the attacker. So I would > stick to > > typedef char grub_password_t[1024]; > > int > auth_strcmp (const grub_password_t input, grub_password_t key) > { > int retval, it; > > for (it = retval = 0; it < PASSPHRASE_MAXSIZE; it++, input++, key++) > { > retval |= (*input != *key); > > if (*input == '\0') > break; > } > > return !retval; > } > > Also, take care that it requires to check how the function is > optimized; sometimes you have surprises ... ;)
Hi, My previous function ensures that execution time is the same regardless of the input. Although it's not necessary, I guess it's a nice feature to have. BTW, the simpler function does leak one information, the size of buffer as the execution time would increase until the buffer size is reached. -- Bean My repository: https://launchpad.net/burg Document: https://help.ubuntu.com/community/Burg _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel